Redis is an open source, in-memory database that persists on disk. An unauthenticated connection can cause repeated IP protocol errors, leading to client starvation and, ultimately, a denial of service. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19.
References
| Link | Resource |
|---|---|
| https://github.com/redis/redis/commit/bde62951accfc4bb0a516276fd0b4b307e140ce2 | Patch |
| https://github.com/redis/redis/releases/tag/6.2.19 | Release Notes |
| https://github.com/redis/redis/releases/tag/7.2.10 | Release Notes |
| https://github.com/redis/redis/releases/tag/7.4.5 | Release Notes |
| https://github.com/redis/redis/releases/tag/8.0.3 | Release Notes |
| https://github.com/redis/redis/security/advisories/GHSA-4q32-c38c-pwgq | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Sep 2025, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/redis/redis/commit/bde62951accfc4bb0a516276fd0b4b307e140ce2 - Patch | |
| References | () https://github.com/redis/redis/releases/tag/6.2.19 - Release Notes | |
| References | () https://github.com/redis/redis/releases/tag/7.2.10 - Release Notes | |
| References | () https://github.com/redis/redis/releases/tag/7.4.5 - Release Notes | |
| References | () https://github.com/redis/redis/releases/tag/8.0.3 - Release Notes | |
| References | () https://github.com/redis/redis/security/advisories/GHSA-4q32-c38c-pwgq - Third Party Advisory | |
| CPE | cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:* | |
| First Time |
Redis
Redis redis |
08 Jul 2025, 16:18
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-07-07 16:15
Updated : 2025-09-05 15:15
NVD link : CVE-2025-48367
Mitre link : CVE-2025-48367
CVE.ORG link : CVE-2025-48367
JSON object : View
Products Affected
redis
- redis
CWE
CWE-770
Allocation of Resources Without Limits or Throttling